Many of today's computing systems include computing resources that are not fully utilized. The owners of these systems often could benefit by increasing the utilization of these systems' computing resources.
A number of approaches could be adopted in order to increase utilization. Under a “consolidation” approach, the processes and data of multiple parties might be co-located on a single hardware unit in order to more fully utilize the resources of the hardware unit. Under the consolidation approach, multiple parties might share a single hardware unit's resources, including file systems, network connections, and memory structures. For example, multiple businesses might have separate websites that are hosted by the same server.
However, some of the parties might not know or trust each other. In some cases, some of the parties actually might be competitors with others of the parties. Under such circumstances, each party would want to ensure that its processes and data were shielded, or isolated, from access by other parties and those other parties' processes.
Mechanisms that would isolate one party's processes and data from other parties sharing the same hardware unit have been proposed. For example, a “jail” mechanism provides the ability to partition an operating system into a “non-jailed” environment and one or more “jailed” environments. The jail mechanism allows users, processes, and data to be associated with a jailed environment. For example, one group of users, processes, and data may be associated with one jailed environment, and another group of users, processes, and data may be associated with another jailed environment. The jail mechanism restricts users and processes that are associated with a particular jailed environment from accessing processes and data that are associated with environments (both jailed and non-jailed) other than the particular jailed environment.
Some operating systems provide a system console. A system console may be viewed as a special terminal that is used primarily for system administration. A system administrator can use a system console to log-in to an operating system even when other log-in mechanisms are unavailable. Crucial system messages may be emitted through the system console. The system console is usually available before other system devices. For example, the system console may become available before system networking facilities become available, and the system console may remain available even if the system networking facilities become unavailable. In some operating systems, the system console is accessible through a keyboard and monitor attached to the computing system on which the operating system resides. In some operating systems, the system console is accessible through a serial port of the computing system on which the operating system resides.
In some operating systems, processes may write to a system console through a console device. The console device is a virtual, or “pseudo” device. In many operating systems, processes may read from and write to the console device as though the console device was a file. This “file” may be associated with a widely known and accepted filename and path within a file system, so that multiple different programs may be coded to read from and write to the same “file” when reading from and writing to the system console. Many existing programs have been coded to read from and write to the widely known and accepted “/dev/console” console device.
As discussed above, an operating system may be partitioned into a non-jailed environment and one or more jailed environments. When an operating system is so partitioned, some levels of the “global” file system may, for reasons described above, intentionally be made unavailable to one or more of the jailed environments. If the “/dev” directory is in a level of the global file system that is not available to the jailed environments, then processes executing in those jailed environments are prevented from reading from or writing to “/dev/console.” As a result, when a process that is associated with a jailed environment attempts to read from or write to the system console, the attempt is unsuccessful.
Consequently, some existing programs that would execute normally in a non-partitioned operating system may malfunction or fail when executed in a partitioned operating system.